[jira] [Updated] (YARN-3654) ContainerLogsPage web UI should not have meta-refresh
[ https://issues.apache.org/jira/browse/YARN-3654?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Vinod Kumar Vavilapalli updated YARN-3654: -- Labels: 2.7.2-candidate (was: ) > ContainerLogsPage web UI should not have meta-refresh > - > > Key: YARN-3654 > URL: https://issues.apache.org/jira/browse/YARN-3654 > Project: Hadoop YARN > Issue Type: Bug > Components: yarn >Affects Versions: 2.7.1 >Reporter: Xuan Gong >Assignee: Xuan Gong > Labels: 2.7.2-candidate > Fix For: 2.8.0 > > Attachments: YARN-3654.1.patch, YARN-3654.2.patch > > > Currently, When we try to find the container logs for the finished > application, it will re-direct to the url which we re-configured for > yarn.log.server.url in yarn-site.xml. But in ContainerLogsPage, we are using > meta-refresh: > {code} > set(TITLE, join("Redirecting to log server for ", $(CONTAINER_ID))); > html.meta_http("refresh", "1; url=" + redirectUrl); > {code} > which is not good for some browsers which need to enable the meta-refresh in > their security setting, especially for IE which meta-refresh is considered a > security hole. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (YARN-3654) ContainerLogsPage web UI should not have meta-refresh
[ https://issues.apache.org/jira/browse/YARN-3654?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Xuan Gong updated YARN-3654: Attachment: YARN-3654.2.patch > ContainerLogsPage web UI should not have meta-refresh > - > > Key: YARN-3654 > URL: https://issues.apache.org/jira/browse/YARN-3654 > Project: Hadoop YARN > Issue Type: Bug > Components: yarn >Affects Versions: 2.7.1 >Reporter: Xuan Gong >Assignee: Xuan Gong > Attachments: YARN-3654.1.patch, YARN-3654.2.patch > > > Currently, When we try to find the container logs for the finished > application, it will re-direct to the url which we re-configured for > yarn.log.server.url in yarn-site.xml. But in ContainerLogsPage, we are using > meta-refresh: > {code} > set(TITLE, join("Redirecting to log server for ", $(CONTAINER_ID))); > html.meta_http("refresh", "1; url=" + redirectUrl); > {code} > which is not good for some browsers which need to enable the meta-refresh in > their security setting, especially for IE which meta-refresh is considered a > security hole. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (YARN-3654) ContainerLogsPage web UI should not have meta-refresh
[ https://issues.apache.org/jira/browse/YARN-3654?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Xuan Gong updated YARN-3654: Attachment: YARN-3654.1.patch Create a patch based on my proposal. Tested the patch in a single node cluster. * use firefox (chrome and safari can not be used to do the test), in Preferences--> Advanced -->General, mark "Warn me when websites try to redirect or reload the page" * start a historyserver, and configure yarn.log.server.url and point to historyserver log (such as http://localhost:19888/jobhistory/logs) * Run a mapreduce job, and wait for the job finishes * go to application web ui and click the log url in attempts table * without the patch, the firefox browser will block the redirect and ask for the permission whether the redirection is allowed * with this patch, it will directly redirect to the url that we re-configured in yarn-site.xml > ContainerLogsPage web UI should not have meta-refresh > - > > Key: YARN-3654 > URL: https://issues.apache.org/jira/browse/YARN-3654 > Project: Hadoop YARN > Issue Type: Bug > Components: yarn >Affects Versions: 2.7.1 >Reporter: Xuan Gong >Assignee: Xuan Gong > Attachments: YARN-3654.1.patch > > > Currently, When we try to find the container logs for the finished > application, it will re-direct to the url which we re-configured for > yarn.log.server.url in yarn-site.xml. But in ContainerLogsPage, we are using > meta-refresh: > {code} > set(TITLE, join("Redirecting to log server for ", $(CONTAINER_ID))); > html.meta_http("refresh", "1; url=" + redirectUrl); > {code} > which is not good for some browsers which need to enable the meta-refresh in > their security setting, especially for IE which meta-refresh is considered a > security hole. -- This message was sent by Atlassian JIRA (v6.3.4#6332)